fix: handle json array existence when single or multi-project results

Author: dylanmorley

.github/CONTRIBUTING.md

@@ -79,7 +79,7 @@ To release a major you need to add `BREAKING CHANGE: ` to the start of the body
 
 Ensure that your code adheres to the included `.eslintrc` config by running `npm run test:checks`.
 
-Check your code is formatted by running `prettier`m e.g. `npx prettier --check "the-search-path"`
+Check your code is formatted by running `prettier` e.g. `npx prettier --check snykTask/**/*.ts` and auto-fix any violations by performing `npx prettier --write snykTask/**/*.ts`
 
 ## Sending pull requests
 

snykTask/src/__tests__/task-lib.test.ts

@@ -46,7 +46,18 @@ test('getOptionsToExecuteSnyk builds IExecOptions like we need it', () => {
   expect(options.ignoreReturnCode).toBe(true);
 });
 
-test('finds vulnerabilities greater than medium threshold', () => {
+test('finds vulnerabilities greater than medium threshold in single-project results', () => {
+  const fixturePath =
+    'snykTask/test/fixtures/single-project-high-vulnerabilities.json';
+  const itemsFound = doVulnerabilitiesExistForFailureThreshold(
+    fixturePath,
+    'medium',
+  );
+
+  expect(itemsFound).toBe(true);
+});
+
+test('finds vulnerabilities greater than medium threshold in multi-project results', () => {
   const fixturePath = 'snykTask/test/fixtures/high-vulnerabilities.json';
   const itemsFound = doVulnerabilitiesExistForFailureThreshold(
     fixturePath,

snykTask/src/task-lib.ts

@@ -123,17 +123,29 @@ export function doVulnerabilitiesExistForFailureThreshold(
   const json = JSON.parse(file);
   const thresholdOrdinal = getSeverityOrdinal(threshold);
 
-  for (let i = 0; i < json.length; i++) {
-    let project = json[i];
-    for (const vulnerability of project['vulnerabilities']) {
-      if (getSeverityOrdinal(vulnerability['severity']) >= thresholdOrdinal) {
+  if (Array.isArray(json)) {
+    for (let i = 0; i < json.length; i++) {
+      if (hasMatchingVulnerabilities(json[i], thresholdOrdinal)) {
         return true;
       }
     }
+  } else {
+    if (hasMatchingVulnerabilities(json, thresholdOrdinal)) {
+      return true;
+    }
   }
 
   console.log(
     `no vulnerabilities of at least '${threshold}' severity were detected, not failing build`,
   );
   return false;
 }
+
+function hasMatchingVulnerabilities(project: any, thresholdOrdinal: number) {
+  for (const vulnerability of project['vulnerabilities']) {
+    if (getSeverityOrdinal(vulnerability['severity']) >= thresholdOrdinal) {
+      return true;
+    }
+  }
+  return false;
+}

snykTask/test/fixtures/high-vulnerabilities.json

@@ -11,5 +11,18 @@
     "ok": true,
     "dependencyCount": 0,
     "org": "demo-applications"
-    }
+  },
+  {
+    "vulnerabilities": [
+      {
+        "severity": "medium"
+      },
+      {
+        "severity": "high"
+      }    
+    ],
+    "ok": true,
+    "dependencyCount": 0,
+    "org": "demo-applications"
+  }
 ]

snykTask/test/fixtures/single-project-high-vulnerabilities.json

@@ -0,0 +1,14 @@
+{
+  "vulnerabilities": [
+    {
+      "severity": "critical"
+    },
+    {
+      "severity": "high"
+    }    
+  ],
+  "ok": true,
+  "dependencyCount": 0,
+  "org": "demo-applications"
+}  
+